Privacy Policy
1. Controller
Voltaris GmbH, Hamburger Str. 13, 29392 Wesendorf, Deutschland
Contact: info@voltaris-trafo.com
2. Data we process
We process account and contact data (company, legal form, contact person, addresses, VAT ID), contract and payment data (orders, invoices via our payment provider Stripe) and usage data technically required to operate the website.
3. Verification documents
To verify business status (§ 14 German Civil Code) we collect a commercial register extract or business registration certificate during sign-up. Documents are stored encrypted in access-restricted storage and are only accessible to authorised staff for account review (legal basis: Art. 6(1)(b) GDPR).
Retention: if registration is declined, documents are deleted within ⟦30⟧ days. For active accounts they are retained for the duration of the business relationship and deleted within ⟦90⟧ days after its end, unless statutory retention obligations apply.
4. Cookies
We only use technically necessary cookies (session and security cookies, language preference, cookie-notice acknowledgement). No tracking, no sharing for advertising purposes.
5. Contact form and server logs
When you use the contact form, we process the data provided to handle your enquiry (Art. 6(1)(b)/(f) GDPR). When accessing the website, server log data (IP address, timestamp, requested page, user agent) is processed by our hosting provider for technical reasons and deleted after a short period (Art. 6(1)(f) GDPR — operational security).
6. Retention of contract and invoice data
Order, contract and invoice data is subject to statutory retention obligations (§ 147 AO, § 257 HGB — up to 10 years) and is deleted after these periods expire.
7. Recipients and third-country transfers
Processors: Supabase (hosting/database, EU region), Vercel (web hosting), Stripe (payments), Resend (email). Data processing agreements are in place with all providers; third-country transfers are based on EU Standard Contractual Clauses.
8. Your rights
You have the right of access, rectification, erasure, restriction of processing, data portability and objection (Art. 15–21 GDPR), and the right to lodge a complaint with a supervisory authority.